Courses in Digital Forensics
B FOR 100 Introduction to Information Systems (3)
This course provides a foundation of information systems concepts that can be applied to future learning in advanced topics. The course will include background in the history and social implications of computing including cyber ethics; emergent and contemporary information technology and its nomenclature; information and data abstraction, representation, manipulation and storage; operating systems; networking and the Internet, programming languages, logic, and algorithms; database systems; digital graphics and multimedia; and information security.
B FOR 201 (formerly B ITM 201) Introduction to Digital Forensics (3)
In this course, students will learn the fundamental process of analyzing data collected from electronic devices (including computers, media, and other digital evidence). Students will become familiar with proper techniques and tools utilized for securing, handling and preserving digital and multimedia evidence at physical crime scenes. Students will utilize examination and chain of custody forms, as well as prepare crime scene and digital acquisition reports related to administrative, civil and criminal investigations. Only one version of B FOR 201 may be taken for credit. Offered fall and spring semesters.
B FOR 202 (formerly B ITM 202) Cyber Crime Investigations (3)
This course will teach students forensic investigative techniques specifically for managing cyber crimes including collection and preservation of data from different sources, such as the Internet and "cloud" computing environments. Students will learn the legal processes available for collecting and preserving such evidence in conducting cyber investigations. Only one version of B FOR 202 may be taken for credit. Offered fall semester only.
B FOR 203 Networking: Introduction to Data Communication (3)
The past couple of decades have witnessed the digital revolution profoundly altering our society. Most of the business affairs have been linked to communication and networking technologies. With tremendous advances in networking, it is now feasible to connect all the devices such as computers, tablets, smart phones, and mainframes together. However, the newly innovative communication and networking technologies pose additional challenges to business and IT management. Nowadays, IT professionals must have an elementary understanding of those technologies that facilitate them better impose management in the organization or perform advanced analysis such as for network forensics. Balanced technical and managerial contents are incorporated to enable students to learn from various perspectives. This course will introduce the student to the organization and design of data networks. Topics include networking media, Ethernet technology, the TCP/IP protocol suite, subnets, routers and routing protocols, Wide Area Networks (WANs), and fundamentals of network management. This course includes hands-on experience of networking techniques. Offered fall semester only.
B FOR 204 Fundamentals Information and Cybersecurity (3)
This course covers computer and network security. This course will examine general security concepts that include: communication security, infrastructure security, operation/organizational security, basic cryptography and steganography. Students will learn and apply de facto security best practices administering clients, servers and firewalls in a dedicated computer network laboratory. Students will have the opportunity to assess vulnerabilities and administer information security. Offered spring semester only.
B FOR 300 Databases for Digital Forensics (3)
A large part of digital forensics deals with extraction and collection of data across electronic devices each of which has different architecture. In this class students learn the traditional relational database design and then understand the architecture of data storage in mobile electronic devices. The class also discusses in depth the storage of data on the cloud and the ramifications of that on digital forensics. Students also learn the basic techniques for analyzing data including use of Structured Query Language, data mining techniques and social network analysis. Students will also use scripting languages to efficiently clean up data from text files and extract information from files. Prerequisite(s): B FOR 100 or permission of instructor. Offered fall semester only.
B FOR 301 (formerly B ITM 301) Computer Forensics I (3)
This course prepares students to conduct digital forensic examination of computers, removable media and other electronic devices. Students will use digital forensics tools and techniques to analyze digital evidence pursuant to an investigation, while utilizing industry standards and best practices. This course will prepare students in the development and implementation of forensic incident response plans, policies and procedures. Students will engage in oral and written reporting outlining digital forensic analysis findings and conclusions, in a professionally acceptable manner, pursuant to administrative, civil and criminal legal proceedings. Only one version of B FOR 301 may be taken for credit. Prerequisite(s): B ITM 201 or B FOR 201 or permission of instructor. Offered fall semester only.
B FOR 302 (formerly B ITM 302) eDiscovery Forensics (3)
This course prepares students for the electronic collection, preservation and management of corporate information. It provides a foundation on basic corporate incident response challenges and proper collection methods for electronic data subject to legal and regulatory requirements. Students will utilize forensics tools for searching, culling and presenting corporate data, pursuant to administrative and civil eDiscovery cases. Only one version of B FOR 302 may be taken for credit. Offered fall semester only.
B FOR 303 Computer Forensics II (3)
This course prepares students to conduct a digital forensic examination and analysis involving complex cases, electronic devices and data, as well as other forensic processes utilized to ensure government and corporate continuity. This course will prepare students to develop and implement policies and procedures for computer forensic laboratories involving operations and quality control management. It prepares students to compose and present oral and written reports that include laboratory audits, forensic analysis findings and court presentation material. Prerequisite(s): B FOR 301 or permission of instructor. Offered spring semester only.
B FOR 304 Network and Mobile Forensics (3)
This course exposes students to procedures for conducting live network forensics of computer system components and data. It prepares students to collect, preserve, and examine networks, computers, mobile devices and relevant data that may be critical to an investigation. Students will develop network incident response plans, policies and procedures relevant to corporate networks and data, as well as mobile corporate assets, such as mobile devices. It prepares students to compose and present oral and written reports that outline network and mobile device forensic analysis findings that are technically and legally acceptable in administrative hearings and court proceedings. Prerequisite(s): B FOR 203 and B FOR 301. Offered spring semester only.
B FOR 401W Advanced Digital Forensics (4)
Instructor will guide students through proficiency testing by utilizing digital forensic skills obtained in previous coursework to develop an incident response plan to guide a forensic investigation. Based on case-study scenario, students will also conduct forensic analysis of several items of digital evidence, prepare comprehensive written forensic laboratory reports and present findings to a panel of legal, forensics and management subject matter experts for constructive feedback. Students will also prepare exhibits and other materials for court presentation purposes based on the case-study scenario, forensic analysis findings and written laboratory reports. Instructor will conduct quality control assessments to ensure students are performing forensic analysis that is in compliance with industry standards guiding forensic and laboratory work environments. Prerequisite(s): B FOR 302, B FOR 303, and B FOR 304. Offered fall semester only.
B FOR 402 Digital Forensics Moot Court (4)
This is a capstone course where students will learn how to provide expert testimony as a part of presenting their findings from completion of an advanced level digital forensic analysis. Students will learn how to prepare for and give expert witness testimony related to digital evidence, including how to deal with opposing counsel cross-examinations and how to effectively relay such information to a jury. Students will engage in a "mock" court grand jury, suppression hearing, and trial proceedings. Panel of subject matter experts from the legal, forensic and management fields will assist in the guidance and constructive feedback of students participating in "mock" court proceedings. Instructor will assess student's competence in providing a technical testimony to a group of non-technical listeners, such as judges, juries, as well as administrative and human resource officers. Prerequisite(s): B FOR 302, B FOR 303, B FOR 304 and B FOR 401W. Offered spring semester only.
B FOR 410 International Cyber Conflicts (3)
Cybersecurity is an international problem where the perpetrators and victims of attacks may be in completely disparate locations. Cyber attacks have morphed from cyber crime and amateur display of prowess into cyber warfare and espionage among nations. While the issues are international there is little consensus on how to investigate them, create universally acceptable norms, and create international laws across multiple countries to manage them. This course discusses some of these sensitive issues regarding information security and cyber warfare. The hope is to improve understanding between professionals and students across countries in order to foster cooperation in resolving cyber conflicts. The class will include cases and discussions that will touch on the sensitive security related topics.
B FOR 411 Supervisory Control and Data Acquisition (SCADA) Forensics (3)
Supervisory Control And Data Acquisition (SCADA) systems are computer systems controlling large-scale, industrial equipment, often underlying important infrastructural assets such as power plants, water distribution facilities, and communication networks. This class is intended to familiarize students with how to forensically investigate and secure SCADA system. Due to the nature and impact of SCADA systems on human lives they typically have more requirements than standard systems. Because SCADA systems are imbedded into critical infrastructure it is vital to understand the regulatory compliance and system governance associated with these systems. As recent events, both domestically and internationally, have demonstrated, SCADA forensics skills are increasingly important and in demand today. Prerequisite(s): R CRJ 281, A MAT 108, or equivalent; recommended B FOR 201 and 202.
B FOR 412 Cyber Incident Analysis (3)
This course will discuss detection, management, and recovery from different types of incidents. The goal of this course is to provide students with a method for performing cyber incident analysis. Real incident data will be used to illustrate different incident analysis techniques. Students will learn to identify the data sources, e.g. log files, and how to process the data into a meaningful analysis format. The class will cover analysis of individual files as well as techniques to correlate information across multiple log sources to build a chain of evidence across those log files. Prerequisite(s): B FOR 100 and B FOR 204 or permission of the instructor.
B FOR 413 Multimedia Forensics (3)
This course prepares students to conduct digital forensic examinations on multimedia evidence, specifically images, videos and audio files. The course builds student knowledge from the basics of multimedia types to being able to recognize anomalies in the files and identify file creation attributes. Students will learn how to examine multimedia files manually and through automated processes utilized by digital forensic tools. Students will prepare written reports outlining their findings of analysis, in a professionally acceptable manner, pursuant to administrative, civil and criminal legal proceedings. Prerequisite(s): R CRJ 281, A MAT 108, or equivalent; recommended B FOR 201 and 202.
B FOR 414 Cyber Threat Modeling (3)
This course is an introduction to cyber threat modeling from a variety of perspectives. Included in the course are threat modeling, application of cyber threat intelligence, analysis of technical threats, 360-degree cyber threat analysis techniques, data and information sources that feed the threat analysis cycle and hands-on exercises using security data. The course is heavily lab-oriented and each class will have a specific lab objective to be achieved by students working in teams of two. Periodic quizzes will make up the testing portion of the course but instead of a mid-term and final exam there will be a final lab exercise that will involve all of the tools and techniques used during the course. That final lab will be constructed from real world events occurring during the final half of the semester. Students also will prepare a research project and present it both as a formal paper to be turned in and a class presentation. Prerequisite(s): B FOR 203, working knowledge of networking (TCP/IP protocol stack).